D-bus integration

Travis Hayes travis.hayes at gmail.com
Sat Apr 13 06:19:38 AEST 2024


Maybe this (putting login success/failure notifications onto D-bus) would
be a good thing for a PAM plugin to handle.

-Travis

>
> Gregory Seidman wrote in
>  <ZhiabssA26w1CDDz at peterbilt.lan>:
>  |Given the most recent security scare with distribution-patched sshd having
>  |a backdoor because it indirectly linked to xz, I'd expect sentiment to be
>  |strongly against adding any integrations.
>  |
>  |While there is some utility to what you are suggesting, maybe it makes more
>  |sense to split apart the fail2ban log parsing from its jail functionality
>  |and use it to parse logs onto D-bus. Let's keep sshd as simple and secure
>  |as it can be.
>
> There is blacklistd, now, for asylumatic read and golden yellow
> reasons, blocklistd.  It does this for a decade.
> Part of FreeBSD and originally from Christos Zoulas, NetBSD.
> (Though, last i looked, it really only notifies failed login
> attempts.)
> I do agree strongly, in that i personally very much think so, that
> recreating state from parsing log files is an atrocity.  Ie, for
> the purpose of filtering out bad actors at least, for interacting
> with the firewall that is, *live* and for operational purposes
> that is, lastly.
> Granted there are deep-inspecting firewalls and such which look
> into protocols; i think all Microsoft Virus stuff works like this,
> and Kaspersky is no longer allowed to do so, if i got this right.
> I dunno, as can be seen.
>
> --steffen
> |
> |Der Kragenbaer,                The moon bear,
> |der holt sich munter           he cheerfully and one by one
> |einen nach dem anderen runter  wa.ks himself off
> |(By Robert Gernhardt)
